diff --git a/html/altlogin.php b/html/altlogin.php index 0a91f6f..6a6343b 100644 --- a/html/altlogin.php +++ b/html/altlogin.php @@ -4,73 +4,73 @@ { header("Location: https://" . $_SERVER["HTTP_HOST"] . $_SERVER["REQUEST_URI"]); exit(); - die(); + die(); } //If logged in, and requested to logout... log them out and show login screen if(isset($_SESSION['login'])) { - if(isset($_REQUEST['logout'])) { - unset($_SESSION['login']); - $report = "
You have been logged out
"; - } else { - //if not requesting to logout... Take back home - header("Location: ./?d=server1"); - exit(); - die(); - } + if(isset($_REQUEST['logout'])) { + unset($_SESSION['login']); + $report = "
You have been logged out
"; + } else { + //if not requesting to logout... Take back home + header("Location: ./?d=server1"); + exit(); + die(); + } } - -$userN=""; +$user_name=""; $passW=""; if(isset($_POST['uname'])) { - $userN = addslashes($_POST['uname']); + $user_name = addslashes($_POST['uname']); } if(isset($_POST['passw'])) { - $passW = addslashes(md5(trim($_POST['passw']))); + $passW = addslashes(md5(trim($_POST['passw']))); } -if(!empty($userN) && !empty($passW)) { - $userlist = file ('/var/www/users.txt'); - $success = false; - foreach ($userlist as $user) { - $user_details = explode('|', $user); - if ((strtolower($user_details[0]) == strtolower($userN)) && trim($user_details[1]) == $passW) { - $userN = $user_details[0]; - $userL = $user_details[2]; - $success = true; - break; - } - } - if ($success) { - $_SESSION['login']['user']=$userN; - $_SESSION['login']['level']=$userL; - //Send home if logged in - header("Location: ./?d=server1"); - die(); - } else { - $report = "
You have entered the wrong username or password. Please try again.
"; - } +if(!empty($user_name) && !empty($passW)) { + $userlist = file ('/var/www/users.txt'); + $success = false; + foreach ($userlist as $user) { + $user_details = explode('|', $user); + if ((strtolower($user_details[0]) == strtolower($user_name)) && trim($user_details[1]) == $passW) { + var_dump($user_details); + $user_name = trim($user_details[0]); + $user_level = trim($user_details[2]); + $success = true; + break; + } + } + if ($success) { + $_SESSION['login']['user'] = $user_name; + $_SESSION['login']['level'] = $user_level; + //Send home if logged in + header("Location: ./?d=server1"); + die(); + } else { + $report = "
You have entered the wrong username or password. Please try again.
"; + } } elseif(isset($_POST['submit'])) { - $report = "
I don't like no input
"; + $report = "
I don't like no input
"; } - +session_write_close(); ?> - - - - - -
-
- - -
-
- - + + + + + +
+
+ + +
+
+ + \ No newline at end of file diff --git a/html/assets/css/base.css b/html/assets/css/base.css index 2ca224f..b108d25 100644 --- a/html/assets/css/base.css +++ b/html/assets/css/base.css @@ -1,3 +1,37 @@ + +.nav { + width: 100%; + margin-bottom: 20px; +} +.nav ul { + list-style-type: none; + margin: 0; + padding: 0; + overflow: hidden; +} +.nav li { + display: inline; + + text-align: center; + padding: 4px 4px 0 0; + text-decoration: none; +} + +.welcome-msg { + font-family: 'Audiowide'; + font-size: 24px; + + padding-right: 30px; + + -webkit-animation: blink_blink 10s infinite; + animation: blink_blink 10s infinite; +} +@-webkit-keyframes blink_blink { + 0% { color: black; } + 50% { color: red; } + 100% { color: black; } +} + a:visited{ color:blue; } @@ -41,5 +75,50 @@ table.tablesorter thead tr .headerSortDown { background-image: url(../img/desc.gif); } table.tablesorter thead tr .headerSortDown, table.tablesorter thead tr .headerSortUp { -background-color: #8dbdd8; + background-color: #8dbdd8; +} + +.leftside { + height: auto; + width: 54%; + float: left; +} +.rightside { + height: 90%; + width: 44%; + float: right; +} +.console { + width: 100%; + height: 300px; +} +.console textarea { + width: 100%; + height: 100%; +} +.chat { + width: 100%; + height: 400px; +} +.chat textarea { + width: 100%; + height: 300px; +} +.files { + width: 100%; + height: 99%; +} + +@media only screen and (max-width: 1200px) { + .leftside { + height: auto; + width: 100%; + } + .rightside { + height: 60%; + width: 100%; + } + .files { + width: 100%; + } } diff --git a/html/assets/css/customalerts.css b/html/assets/css/customalerts.css index a786a3f..a91632e 100644 --- a/html/assets/css/customalerts.css +++ b/html/assets/css/customalerts.css 
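Review bot: The added `var_dump($user_details);` in the match branch of the `foreach` writes the matched record, including the stored hash in `$user_details[1]`, into the response; because it emits output before `header("Location: ./?d=server1")`, the redirect can also fail with "headers already sent" unless output buffering is on, so the line should be removed. In the same `if`, `trim($user_details[1]) == $passW` is a loose comparison, under which two different digests that both parse as numeric strings compare equal; `hash_equals(trim($user_details[1]), $passW)` is strict and constant-time. The stored format is still unsalted MD5, so moving to `password_hash()` / `password_verify()` is the longer-term fix. A `session_regenerate_id(true);` before `$_SESSION['login']` is filled would stop a pre-login session id from carrying over into the authenticated session.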
@@ -23,6 +23,19 @@ overflow-x: hidden; max-height:70%; } + +@media only screen and (max-width: 1200px) { + .modal-content { + background-color: #fefefe; + margin: 5% auto 5% auto; /* 15% from the top and centered */ + padding: 20px; + border: 1px solid #888; + width: 90%; + overflow: scroll; + overflow-x: hidden; + max-height:70%; + } +} .msg-col { display: inline-block; width: 70%; diff --git a/html/assets/js/base.js b/html/assets/js/base.js index 837e589..44f0ef4 100644 --- a/html/assets/js/base.js +++ b/html/assets/js/base.js @@ -1035,12 +1035,12 @@ function Download(url) { - if (user_level == "viewonly") { return; } + if (user.level === "viewonly" || user.level === "guest") { return; } document.getElementById('file_iframe').src = url; } function server_sss(cmd) { - if(user_level == "viewonly" && (cmd == "start" || cmd == "stop" || cmd == "forcekill" )) { + if((user.level === "viewonly" || user.level === "guest") && (cmd == "start" || cmd == "stop" || cmd == "forcekill" )) { customAlerts.add("You have view only access","warning",true); return; } @@ -1063,7 +1063,7 @@ function server_sss(cmd) { }; } function force_kill(cmd) { - if(user_level == "viewonly") { + if(user.level === "viewonly" || user.level === "guest") { customAlerts.add("You have view only access",'warning',true); return; } @@ -1086,7 +1086,7 @@ function force_kill(cmd) { } } function command() { - if(user_level == "viewonly") { + if(user.level === "viewonly" || user.level === "guest") { customAlerts.add("You have view only access","warning",true); return; } @@ -1159,7 +1159,7 @@ function uploadCanceled() { } function upload() { - if ($('#upload_file').val == "" || user_level == "viewonly") { + if ($('#upload_file').val == "" || user.level === "viewonly" || user.level === "guest") { return; } var the_file; 
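Review bot: The read-only test `user.level === "viewonly" || user.level === "guest"` is written out in `Download` and `server_sss` here and again in the `force_kill`, `command`, `upload` and document-ready hunks, so every new level means editing each copy by hand. A single helper such as `function isReadOnly() { return user.level === "viewonly" || user.level === "guest"; }` would keep them in step. These checks only shape the UI, so the matching server-side checks remain the actual control. `server_sss` continues outside the hunk.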
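Review bot: In `upload()`, `$('#upload_file').val == ""` compares the jQuery `val` method itself with an empty string, which is never true, so the empty-selection guard on this rewritten line does not fire. The method needs to be called: `if ($('#upload_file').val() === "" || user.level === "viewonly" || user.level === "guest") {`. The rest of `upload()` lies outside the hunk, so whether a later check catches an empty selection is not visible here.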
@@ -1235,7 +1235,7 @@ function command_history(args) { } function update_web_control(user_name) { - if(user_name=="admin") { + if(user_name === "admin") { var r = confirm("Update webgui and server control files?"); if (r == true) { $("#update_web_control").submit(); @@ -1287,13 +1287,13 @@ function files_delete() { //Things to only start doing after the page has finished loading $(document).ready(function() { - $('#welcome_user').text(user_name); + $('#welcome_user').text(user.name); tc_console(); $('#upload_file').on('change', function() { upload(); }); $('#delete_files').on('click', function() { - if(user_level == "viewonly") { + if(user.level === "viewonly" || user.level === "guest"){ customAlerts.add("You have view only access","warning",true); return; } @@ -1320,7 +1320,7 @@ $(document).ready(function() { }); //Upload button click event $('#upload_button').on('click', function() { - if(user_level == "viewonly") { + if(user.level === "viewonly" || user.level === "guest") { customAlerts.add("You have view only access","warning",true); return; } @@ -1328,7 +1328,7 @@ $(document).ready(function() { }); $('#command').keydown(function(event) { if (event.keyCode == 13) command(); - if (user_level == "viewonly") { return; } + if (user.level === "viewonly" || user.level === "guest") { return; } if (event.keyCode == 38) command_history('up'); if (event.keyCode == 40) command_history('down'); }); diff --git a/html/assets/js/console.js b/html/assets/js/console.js index faaa83f..65d57a8 100644 --- a/html/assets/js/console.js +++ b/html/assets/js/console.js 
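Review bot: `update_web_control` still gates the confirm dialog on the name being exactly "admin" (`user_name === "admin"`), while the rest of this commit keys on `user.level` and update_web_control.php checks `$user_level == "admin"`. With the account names listed in users.txt (`admin1`, `admin2`) that condition would presumably never match for file-based logins. Comparing the level instead, `if (user.level === "admin") {`, would line the client up with the server check. The function body continues outside the hunk and its callers are not visible here.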
@@ -3,8 +3,12 @@ var dir = loc.substring(0, loc.lastIndexOf('/')); var refreshtime=500; function tc_console() { - asyncAjax("GET",dir + "/assets/api/console.php?d=" + server_select + "&s=console",Math.random(),display,{},"console"); + if(user.level === "admin" || user.level === "mod"){ + asyncAjax("GET",dir + "/assets/api/console.php?d=" + server_select + "&s=console",Math.random(),display,{},"console"); + } + asyncAjax("GET",dir + "/assets/api/console.php?d=" + server_select + "&s=chat",Math.random(),display,{},"chat"); + setTimeout(tc_console,refreshtime); } diff --git a/html/files.php b/html/files.php index 331fb8c..309ac46 100644 --- a/html/files.php +++ b/html/files.php @@ -51,7 +51,7 @@ } die(); } elseif(isset($_REQUEST['download'])) { - if($user_level=="viewonly") { + if($user_level == "viewonly" || $user_level == "guest") { die('You have view only access.\nVisit our archive for file downloads\nwww.3ragaming.com/archive/factorio'); } if(empty($_REQUEST['download'])) @@ -168,7 +168,7 @@ die(); } elseif(isset($_REQUEST['upload'])) { - if($user_level=="viewonly") { + if($user_level == "viewonly" || $user_level == "guest") { die('You have read only access.'); } else { //Valdidate name @@ -288,7 +288,7 @@ die(); } elseif(isset($_REQUEST['delete'])) { - if($user_level=="viewonly") { + if($user_level == "viewonly" || $user_level == "guest") { die('You have view only access.'); } else { if(empty($_REQUEST['delete'])) diff --git a/html/index.php b/html/index.php index 829db9b..e251c66 100644 --- a/html/index.php +++ b/html/index.php 
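Review bot: Skipping the `s=console` request in `tc_console` for levels other than admin and mod only hides the console in the browser; `assets/api/console.php` is not touched by this commit, so the restriction holds only if that script checks the session level itself. This matters more now that login.php hands a guest session to accounts it used to reject. console.php should read `$_SESSION['login']['level']` and return nothing for `s=console` unless the level is admin or mod. That file is not shown here, so this needs confirming there.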
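Review bot: `$user_level == "viewonly" || $user_level == "guest"` in the download branch is a deny-list, so any level string it does not name is treated as privileged, including a typo or unexpected value in the third field of users.txt, which altlogin.php copies into the session without validation. The same condition is repeated in the upload and delete hunks of this file and in logs.php, process.php and server-settings.php. An allow-list fails closed instead, e.g. `if(!in_array($user_level, array("admin", "mod"), true)) { die('You have view only access.'); }`, ideally from one shared helper included by every endpoint. The enclosing if/elseif chain starts outside the hunk.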
@@ -10,9 +10,9 @@ die(); } } - + + if(isset($_SESSION['login']['user'])) { $user_name = $_SESSION['login']['user']; } else { $user_name = "guest"; } if(isset($_SESSION['login']['level'])) { $user_level = $_SESSION['login']['level']; } else { $user_level = "viewonly"; } - if(isset($_SESSION['login']['user'])) { $user_name = $_SESSION['login']['user']; } else { $user_name = "guest"; } if(isset($_SESSION['login']['reload_report'])) { $session['login']['reload_report'] = $_SESSION['login']['reload_report']; unset($_SESSION['login']['reload_report']); @@ -32,7 +32,6 @@ } session_write_close(); ?> - @@ -40,9 +39,19 @@ var server_select = ""; //you can try to change this if you really want. Validations are also done server side. //This is just for a better graphical experience, ie: if you're a viewonly account, why upload a file, just to be told you can't do that? + + var user = { + name: "", + level: "" + }; + + // TODO remove this + // user debug to js console. + console.log(user); - + + + +
-
- Welcome, ..guest.. -  -     -  -  -  -  -  -  - config -  - - - - - Logs -
-  -  - Logout -
-
- 00 % - 0.00/0.00 GB + + + +
+ +
'; + } + ?> + +
+
+   +
+
+ +
+ +
+
+ + +  :  +  :  + + + +ADMIN; + } elseif ($user_level == "mod") { + echo <<
- -
- -
- -
-   - -
- -
-
- - -  :  -  :  - - - -
- - - - - - - - - - - - - -
FileSizeCreationEditor
- -
+QUEST; + } + ?> + +
+ + + + + + + + + + + + + +
FileSizeCreationEditor
+ +
+
+ + diff --git a/html/login.php b/html/login.php index cd126bf..5137af2 100644 --- a/html/login.php +++ b/html/login.php @@ -158,11 +158,9 @@ /* DEBUG */if(isset($debug)) { $debug[] = "mod login verified!"; } $session['login']['user']=$memberjson["user"]["username"]; $session['login']['level']="mod"; - } elseif($userid == "264805254758006801" ) { + } else { $session['login']['user']=$memberjson["user"]["username"]; $session['login']['level']="guest"; - } else { - $error = "unauthorized"; } } } diff --git a/html/logs.php b/html/logs.php index 7f6db79..a89063f 100644 --- a/html/logs.php +++ b/html/logs.php @@ -14,7 +14,7 @@ if(isset($_SESSION['login']['level'])) { $user_level = $_SESSION['login']['level']; } else { $user_level = "viewonly"; } if(isset($_SESSION['login']['user'])) { $user_name = $_SESSION['login']['user']; } else { $user_name = "guest"; } - if($user_level=="viewonly") { + if($user_level == "viewonly" || $user_level == "guest") { die('Not allowed for view only'); } diff --git a/html/process.php b/html/process.php index ac13894..03d7ecf 100644 --- a/html/process.php +++ b/html/process.php @@ -21,7 +21,7 @@ session_write_close(); if(isset($_REQUEST['start'])) { - if($user_level=="viewonly") { + if($user_level == "viewonly" || $user_level == "guest") { echo "You have read only access."; } else { if(file_exists("$base_dir$server_select/server-settings.json")) { @@ -76,7 +76,7 @@ $output = shell_exec('bash '.$base_dir.'manage.sh "'.$server_select.'" "status" "'.$user_name.'"'); echo $output; } elseif(isset($_REQUEST['stop'])) { - if($user_level=="viewonly") { + if($user_level == "viewonly" || $user_level == "guest") { echo "You have view only access."; } else { //echo "Sending Stop Server Command:\n\n"; @@ -84,7 +84,7 @@ echo $output; } } elseif(isset($_REQUEST['forcekill'])) { - if($user_level=="viewonly") { + if($user_level == "viewonly" || $user_level == "guest") { echo "You have view only access."; } else { //echo "Sending Stop Server Command:\n\n"; 
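Review bot: The `// TODO remove this` block with `console.log(user);` in index.php is committed as-is and should be dropped before merge. The values written into `name: ""` and `level: ""` of the new `var user` object are not visible on this page. If they are echoed from `$user_name` and `$user_level`, note that login.php takes the name from the remote account's username, so it is outside the site's control. It should then be emitted with `json_encode($user_name, JSON_HEX_TAG | JSON_HEX_AMP | JSON_HEX_APOS | JSON_HEX_QUOT)` rather than placed between hand-written quotes.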
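Review bot: The final `else` in login.php now gives every account that reaches it a `guest` session, where the previous code set `$error = "unauthorized"` for anything but one listed id, so access is granted by default rather than by an explicit test. If the intent is that any member may view, the branch should still state that condition and keep a failing default, for instance `} elseif(isset($memberjson["user"]["username"])) {` for the guest case followed by the original `} else { $error = "unauthorized"; }`. Whether `$memberjson` can be empty or an error body at this point is not visible, since the enclosing block starts outside the hunk. Every endpoint without a guest check becomes reachable by these sessions, so the change depends on the per-file level checks being complete.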
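Review bot: In process.php, the `status` call in the context just above the `stop` branch builds its command by concatenation, `shell_exec('bash '.$base_dir.'manage.sh "'.$server_select.'" "status" "'.$user_name.'"')`, and no level check is visible around it. After this commit it can run for guest sessions whose `$user_name` login.php copies from the remote account's username. Double quotes do not stop the shell from interpreting the value, so each argument should go through `escapeshellarg()`, e.g. `shell_exec('bash '.escapeshellarg($base_dir.'manage.sh').' '.escapeshellarg($server_select).' status '.escapeshellarg($user_name));`. How `$server_select` is validated is outside the hunk, and the start, stop and forcekill commands, whose bodies are not shown, likely need the same treatment.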
@@ -97,7 +97,7 @@ echo "Servers killed. You monster."; } } elseif(isset($_REQUEST['command'])) { - if($user_level=="viewonly") { + if($user_level == "viewonly" || $user_level == "guest") { echo "You have view only access.";//".$_REQUEST['command']; } else { //screen -S factorio1 -X at 0 stuff 'hello\n' diff --git a/html/server-settings.php b/html/server-settings.php index 031ad93..d9d7671 100644 --- a/html/server-settings.php +++ b/html/server-settings.php @@ -19,7 +19,7 @@ } session_write_close(); - if($user_level=="viewonly") { + if($user_level == "viewonly" || $user_level == "guest") { die('Not allowed for view only'); } diff --git a/html/update_web_control.php b/html/update_web_control.php index 5f58034..559c5c1 100644 --- a/html/update_web_control.php +++ b/html/update_web_control.php @@ -16,7 +16,7 @@ if(isset($_SESSION['login']['user'])) { $user_name = $_SESSION['login']['user']; } else { $user_name = "guest"; } session_write_close(); - if($user_level=="admin") { + if($user_level == "admin") { if(isset($_POST['update'])) { echo ""; if($_POST['update']=="yes") { diff --git a/users.txt b/users.txt index 55033f4..4e36c7e 100644 --- a/users.txt +++ b/users.txt @@ -1,4 +1,4 @@ -admin1|5f4dcc3b5aa765d61d8327deb882cf99|admin -admin2|5f4dcc3b5aa765d61d8327deb882cf99|admin -mod1|5f4dcc3b5aa765d61d8327deb882cf99|admin -guest|5f4dcc3b5aa765d61d8327deb882cf99|guest +admin1|MD5_HASH_HERE|admin +admin2|MD5_HASH_HERE|admin +mod1|MD5_HASH_HERE|mod +guest|MD5_HASH_HERE|guest
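Review bot: Replacing the users.txt hashes with `MD5_HASH_HERE` removes them from the tree but not from history, and the removed value, shared by all four accounts, is the unsalted MD5 of a very common default password. Any deployment that used these entries should have its passwords changed. The placeholder also tells operators to store unsalted MD5 again; `password_hash()` output in the second field, checked with `password_verify()` in altlogin.php, would be a safer format. Shipping this file as a template (for example `users.txt.example`) and keeping the real one out of version control would avoid committing credentials again.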